InfoSec in the News

Many of the incidents in these news stories could have been prevented with an effective security awareness program; other stories promote the use of security awareness.
Also visit our News Archives for older stories

Subscribe to the following e-mail lists for even more stories:

SANS NewsBites

Digital Forensic Investigator News

SC Magazine Newswire

Security Wire Digest

Sophos Virus News


- Visit SANS, Sophos, SC magazine, and InfoSecurity magazine websites to sign up for news feeds -

1 Sept 2016 - Kimpton Hotels Acknowledges Breach  
Kimpton Hotels has posted a notice to its website acknowledging a security breach that affected payment terminals at some of its properties. Attackers appear to have had access to the payment systems between February 16, 2016 and July 7, 2016. Customers who used payment cards at certain Kimpton front desks and restaurants may be affected by the breach. Kimpton has provided a list of properties where terminals were compromised.


22 August 2016 - Some Healthcare Providers Not Encrypting Data in Transit
According to a survey from the Healthcare Information Management Systems Society (HIMSS), roughly one-third of hospitals and more than half of non-acute healthcare providers do not encrypt patient data while in transit. Just over 60 percent of acute providers and 48 percent of non-acute providers do encrypt patient data while on their systems.

18 August 2016 - Locky Ransomware Used Against Hospital Systems
According to FireEye, computer systems at hospitals in the US and Japan are being hit with Locky ransomware in a "massive" campaign. FireEye noted a spike in these attacks earlier this month.

18 August 2016 - Arrest in Sage Software Breach
Police in the UK have arrested a woman in connection with a data breach at the Sage software company. The incident, which involved unauthorized access by someone using internal login credentials, exposed personal information of employees at 280 organizations in the UK. The unnamed woman, who is currently a Sage employee, was arrested on "suspicion of conspiracy to defraud."

14 August 2016 - Sage Software Company Internal Breach
The accounting software company Sage Group has acknowledged a data breach that may affect hundreds of its business customers. The breach was caused by someone using an internal login without authorization. Sage has begun notifying affected customers, many by phone call. The UK Information Commissioner's Office (ICO) has been contacted.

10 August 2016 - Google to Warn Users About Potentially Dangerous eMail
In a blog post, Google says it will send warnings to users when they receive email messages that could harm their computers. The warning will ask users if they want to open messages that Google deems untrustworthy either because they contain links to sites known to host malware, or because Google cannot authenticate that the sender is who it claims to be.

4 August 2016 - Illinois Hospital Chain Will Pay US $5.5 Million HIPAA Violation Fine
Advocate Health Care Network, Illinois' largest hospital chain, will pay a record US $5.5 million fine for failing to adequately protect patient data, resulting in the exposure of more than four million patient records. The fine is the highest ever imposed under Health Insurance Portability and Accountability Act (HIPAA) regulations.

16 March 2016 - Lost Flash Drive Exposes Data of Karmanos Cancer Center Patients
An unencrypted flash drive containing the protected health information of 2,808 patients of the Barbara Ann Karmanos Cancer Center has been declared lost. The flash drive had been mailed to Barbara Ann Karmanos Cancer Center but when the package arrived, the flash drive was discovered to be missing.

24 February 2016 - Bank Employees Received Fake Job Offers in Targeted Email Attack
Symantec has revealed how six employees at a Russian bank got infected with a trojan through a phishing attack.

24 February 2016 - Man Gets 30 Months For Sabotaging Employer's Servers
The U.S. Department of Justice yesterday announced that Nikhil Nilesh Shah, 33, of Union, N.J., was sentenced to 30 months in prison for sending malicious code to the software company that formerly employed him as an information technology manager.

22 February 2016 - HR Should Be the First Line of Cyber-Defense
An IBM report found 32% of data breaches are attributable to malicious insiders and 24% are due to insider errors or non-adherence to processes and policies. This shows that a lot of the woes in cybersecurity can be avoided through proper on-boarding and training – essentially, through proper HR policies. However, researchers found that only 57% of chief human resource officers globally have rolled out cybersecurity training for employees.

19 February 2016 - The Gap Between Executive Cyber-Awareness and Enterprise Security
As cyber-attacks continue to grow in aggression and impact, CEOs and boards are increasingly being held accountable, often publicly, for the security posture of their organization. However, research has found that while 60% of respondents believe their organization could be breached, one third of CEOs and 43% of management teams are still not regularly briefed on cybersecurity issues and the related business risks.

18 February 2016 - Locky Ransomware
Ransomware called Locky spreads via a malicious macro in a Word document. The malware demands a ransom of half a Bitcoin for the key to unlock the encrypted files. Locky has infected machines in Europe, Russia, Pakistan, Mali, and the US.

18 February 2016 - The Human Element of Cyber-Security
As both the public and private sectors continue to improve their cybersecurity posture, they should not overlook the impact of human factors, and how integral they are to the overall success of any CND strategy.

18 February 2016 - California Hospital Paid Ransom to Regain Access to Data
Hollywood Presbyterian Medical Center in southern California paid a 40 Bitcoin (US $16,850; 15,150 euro) ransom for the cryptographic key to restore access to its files. The hospital's systems had remained largely inaccessible for 10 days. Access was restored on Monday, February 15.

15 February 2016 - Ransomware Hits California Hospital
Computer systems at the Hollywood Presbyterian Medical Center in southern California have fallen prey to ransomware. The systems have been offline for more than a week. Employees were not able to access patient files and the hospital declared the situation an internal emergency. The FBI, the Los Angeles Police Department, and cyberforensics experts are investigating. The attackers have demanded a ransom of 9,000 Bitcoins (approximately US $3.6 million; 3.2 million euros.)

12 February 2016 - Man Pleads Guilty to Money Laundering in PBX Scam
A man has admitted to laundering US $19.6 million for a group that stole close to US $50 million by breaking into PBX telephone systems at companies, finding phone extensions that were not assigned to employees, and reprogramming them so they could make long-distance calls to premium numbers operated by the group. Muhammad Sohail Qasmani has pleaded guilty to one count of conspiracy to commit wire fraud. In all, the group responsible for the scheme is believed to have made US $50 million over a four-year period.

2 February 2016 - Nuclear Regulatory Commission Employee Pleads Guilty to Spear Phishing
A former US Department of Energy (DOE) employee has pleaded guilty to charges of unauthorized access and intentional damage to a protected computer for a spear phishing campaign targeting his former co-workers. Charles Harvey Eccleston was trying to get the recipients to click on links that would allow malware onto the DOE's network and expose sensitive information. Eccleston worked at the DOE's Nuclear Regulatory Commission (NRC) until he was fired in 2010. In 2013, Eccleston began attempting to sell sensitive energy data to people he believed to be foreign agents.

2 February 2016 - Australian Hospital Still Struggling with Malware
Computer systems at Royal Melbourne Hospital are still infected with Qbot, malware that has the ability to steal account access credentials. While most departments' systems are once again functional, Qbot "mutated six times" in one day, according to a Melbourne Health executive. The hospital is using computers running on Windows XP.

27 January 2016 - Facebook-prowling predator arrested after mother helps police
A mother found a Facebook conversation her daughter had been having with an unknown man. After she contacted police, they found he had been targeting hundreds of underage girls. A sting operation caught him attempting to meet the daughter, who was actually the police posing as her.

27 January 2016 - NYC Department of Consumer Affairs Investigating Baby Monitor Security
The New York City Department of Consumer Affairs is investigating baby monitors that are vulnerable to attacks. The agency has sent subpoenas to four as-yet unnamed companies asking for information about the way they address the security of their products. It has also posted an alert for consumers that includes advice on how to protect their monitors.

21 January 2016 - Symantec Finds a RAT
Symantec has issued a warning about a remote access Trojan (RAT) that is targeting small and mid-sized businesses (SMBs) in India, the UK, and the US. This particular variant uses the Backdoor.Breut and Trojan.Nancrat RAT tools; it has been active since early last year. The malware is spreading through phishing emails. No zero-days are being used in the attack, so systems that are up to date on patches should be protected.

20 January 2016 - 25 Worst passwords of 2015
Take a look at these passwords. Did yours make the list?

14 January 2016 - Top spy James Clapper is latest victim of (alleged) teen hackers
An (alleged) teen hacker named Cracka claims to have socially engineered his way into the country’s top spy, Director of National Intelligence (DNI) James Clapper.

13 January 2016 - More Bad Ransomware
A malware variant that renders files unrecoverable, even by the criminal responsible for spreading it, has been detected. The malware is a variant of a proof-of-concept file that has been tweaked so that it encrypts the decryption key, making it virtually impossible for the files to be recovered.

12 January 2016 - St Louis Cardinals exec hacked Houston Astros With Weak Passwords
Chris Correa, former scouting director for the professional US baseball team St. Louis Cardinals, pleaded guilty on Friday to five counts of computer hacking and admitted he repeatedly accessed a proprietary database belonging to a rival team – the Houston Astros – without authorization.

7 January 2016 - Bad Apps in Google Play
Several apps available from the Google Play store have been found to make downloads without permission and to attempt to gain root access to the devices on which they are running. Google has removed 13 malicious apps from the store; at least one of them had been downloaded nearly one million times.

[SAI: Make sure you only install apps from well-known sources/developers]

4 January 2016 - JavaScript Ransomware Spreading
What is believed to be the first JavaScript-based ransomware-as-service is spreading. Because of the way it works, Ransom32 is likely to be able to infect multiple operating systems.

30 December 2015 - Free Public Wi-Fi in NYC
New York City plans to install 10,000 free public Wi-Fi hotspots. Once operational, the kiosks will provide 2.0 strength in a 150-foot radius, as well as USB chargers, touchscreen Internet access, and free phone calls within the US. The project is expected to realize US $500 million in advertising revenue over 12 years. The plan calls for the first 500 kiosks to be up within the next six months; 4,500 additional hubs are expected to be established over the next four years. The system will be encrypted.

30 December 2015 - Former Yandex Employee Sentenced for Code Theft
Former Yandex employee Dmitry Korobov has been sentenced to two years in prison for stealing software from the company and trying to sell it. The software, known as Arcadia, contains source code and critical algorithms for the Yandex search engine. Korobov attempted to sell the information for roughly US $29,000; its value has been estimated at US $15 million. Yandex is Russia's largest search engine.


© 1999-2016 Security Awareness, Inc. All Rights Reserved